1 /* 2 * Copyright (c) 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Herb Hasler and Rick Macklem at The University of Guelph. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 4. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #ifndef lint 34 static const char copyright[] = 35 "@(#) Copyright (c) 1989, 1993\n\ 36 The Regents of the University of California. All rights reserved.\n"; 37 #endif /*not lint*/ 38 39 #if 0 40 #ifndef lint 41 static char sccsid[] = "@(#)mountd.c 8.15 (Berkeley) 5/1/95"; 42 #endif /*not lint*/ 43 #endif 44 45 #include <sys/cdefs.h> 46 __FBSDID("$FreeBSD$"); 47 48 #include <sys/param.h> 49 #include <sys/mount.h> 50 #include <sys/fcntl.h> 51 #include <sys/stat.h> 52 #include <sys/syslog.h> 53 #include <sys/sysctl.h> 54 #include <sys/linker.h> 55 #include <sys/module.h> 56 57 #include <rpc/rpc.h> 58 #include <rpc/rpc_com.h> 59 #include <rpc/pmap_clnt.h> 60 #include <rpc/pmap_prot.h> 61 #include <rpcsvc/mount.h> 62 #include <nfs/rpcv2.h> 63 #include <nfs/nfsproto.h> 64 #include <nfsserver/nfs.h> 65 #include <ufs/ufs/ufsmount.h> 66 #include <fs/msdosfs/msdosfsmount.h> 67 #include <fs/ntfs/ntfsmount.h> 68 #include <isofs/cd9660/cd9660_mount.h> /* XXX need isofs in include */ 69 70 #include <arpa/inet.h> 71 72 #include <ctype.h> 73 #include <err.h> 74 #include <errno.h> 75 #include <grp.h> 76 #include <limits.h> 77 #include <netdb.h> 78 #include <pwd.h> 79 #include <signal.h> 80 #include <stdio.h> 81 #include <stdlib.h> 82 #include <string.h> 83 #include <unistd.h> 84 #include "pathnames.h" 85 86 #ifdef DEBUG 87 #include <stdarg.h> 88 #endif 89 90 #ifndef MOUNTDLOCK 91 #define MOUNTDLOCK "/var/run/mountd.lock" 92 #endif 93 94 /* 95 * Structures for keeping the mount list and export list 96 */ 97 struct mountlist { 98 struct mountlist *ml_next; 99 char ml_host[RPCMNT_NAMELEN+1]; 100 char ml_dirp[RPCMNT_PATHLEN+1]; 101 }; 102 103 struct dirlist { 104 struct dirlist *dp_left; 105 struct dirlist *dp_right; 106 int dp_flag; 107 struct hostlist *dp_hosts; /* List of hosts this dir exported to */ 108 char dp_dirp[1]; /* Actually malloc'd to size of dir */ 109 }; 110 /* dp_flag bits */ 111 #define DP_DEFSET 0x1 112 #define DP_HOSTSET 0x2 113 114 struct exportlist { 115 struct exportlist *ex_next; 116 struct dirlist *ex_dirl; 117 struct dirlist *ex_defdir; 118 int ex_flag; 119 fsid_t ex_fs; 120 char *ex_fsdir; 121 char *ex_indexfile; 122 }; 123 /* ex_flag bits */ 124 #define EX_LINKED 0x1 125 126 struct netmsk { 127 struct sockaddr_storage nt_net; 128 struct sockaddr_storage nt_mask; 129 char *nt_name; 130 }; 131 132 union grouptypes { 133 struct addrinfo *gt_addrinfo; 134 struct netmsk gt_net; 135 }; 136 137 struct grouplist { 138 int gr_type; 139 union grouptypes gr_ptr; 140 struct grouplist *gr_next; 141 }; 142 /* Group types */ 143 #define GT_NULL 0x0 144 #define GT_HOST 0x1 145 #define GT_NET 0x2 146 #define GT_DEFAULT 0x3 147 #define GT_IGNORE 0x5 148 149 struct hostlist { 150 int ht_flag; /* Uses DP_xx bits */ 151 struct grouplist *ht_grp; 152 struct hostlist *ht_next; 153 }; 154 155 struct fhreturn { 156 int fhr_flag; 157 int fhr_vers; 158 nfsfh_t fhr_fh; 159 }; 160 161 /* Global defs */ 162 char *add_expdir(struct dirlist **, char *, int); 163 void add_dlist(struct dirlist **, struct dirlist *, 164 struct grouplist *, int); 165 void add_mlist(char *, char *); 166 int check_dirpath(char *); 167 int check_options(struct dirlist *); 168 int checkmask(struct sockaddr *sa); 169 int chk_host(struct dirlist *, struct sockaddr *, int *, int *); 170 void del_mlist(char *hostp, char *dirp); 171 struct dirlist *dirp_search(struct dirlist *, char *); 172 int do_mount(struct exportlist *, struct grouplist *, int, 173 struct xucred *, char *, int, struct statfs *); 174 int do_opt(char **, char **, struct exportlist *, struct grouplist *, 175 int *, int *, struct xucred *); 176 struct exportlist *ex_search(fsid_t *); 177 struct exportlist *get_exp(void); 178 void free_dir(struct dirlist *); 179 void free_exp(struct exportlist *); 180 void free_grp(struct grouplist *); 181 void free_host(struct hostlist *); 182 void get_exportlist(void); 183 int get_host(char *, struct grouplist *, struct grouplist *); 184 struct hostlist *get_ht(void); 185 int get_line(void); 186 void get_mountlist(void); 187 int get_net(char *, struct netmsk *, int); 188 void getexp_err(struct exportlist *, struct grouplist *); 189 struct grouplist *get_grp(void); 190 void hang_dirp(struct dirlist *, struct grouplist *, 191 struct exportlist *, int); 192 void huphandler(int sig); 193 int makemask(struct sockaddr_storage *ssp, int bitlen); 194 void mntsrv(struct svc_req *, SVCXPRT *); 195 void nextfield(char **, char **); 196 void out_of_mem(void); 197 void parsecred(char *, struct xucred *); 198 int put_exlist(struct dirlist *, XDR *, struct dirlist *, int *, int); 199 void *sa_rawaddr(struct sockaddr *sa, int *nbytes); 200 int sacmp(struct sockaddr *sa1, struct sockaddr *sa2, 201 struct sockaddr *samask); 202 int scan_tree(struct dirlist *, struct sockaddr *); 203 static void usage(void); 204 int xdr_dir(XDR *, char *); 205 int xdr_explist(XDR *, caddr_t); 206 int xdr_explist_brief(XDR *, caddr_t); 207 int xdr_fhs(XDR *, caddr_t); 208 int xdr_mlist(XDR *, caddr_t); 209 void terminate(int); 210 211 struct exportlist *exphead; 212 struct mountlist *mlhead; 213 struct grouplist *grphead; 214 char exname[MAXPATHLEN]; 215 struct xucred def_anon = { 216 XUCRED_VERSION, 217 (uid_t)-2, 218 1, 219 { (gid_t)-2 }, 220 NULL 221 }; 222 int force_v2 = 0; 223 int resvport_only = 1; 224 int dir_only = 1; 225 int dolog = 0; 226 int got_sighup = 0; 227 228 int opt_flags; 229 static int have_v6 = 1; 230 #ifdef NI_WITHSCOPEID 231 static const int ninumeric = NI_NUMERICHOST | NI_WITHSCOPEID; 232 #else 233 static const int ninumeric = NI_NUMERICHOST; 234 #endif 235 236 int mountdlockfd; 237 /* Bits for opt_flags above */ 238 #define OP_MAPROOT 0x01 239 #define OP_MAPALL 0x02 240 /* 0x4 free */ 241 #define OP_MASK 0x08 242 #define OP_NET 0x10 243 #define OP_ALLDIRS 0x40 244 #define OP_HAVEMASK 0x80 /* A mask was specified or inferred. */ 245 #define OP_QUIET 0x100 246 #define OP_MASKLEN 0x200 247 248 #ifdef DEBUG 249 int debug = 1; 250 void SYSLOG(int, const char *, ...) __printflike(2, 3); 251 #define syslog SYSLOG 252 #else 253 int debug = 0; 254 #endif 255 256 /* 257 * Mountd server for NFS mount protocol as described in: 258 * NFS: Network File System Protocol Specification, RFC1094, Appendix A 259 * The optional arguments are the exports file name 260 * default: _PATH_EXPORTS 261 * and "-n" to allow nonroot mount. 262 */ 263 int 264 main(argc, argv) 265 int argc; 266 char **argv; 267 { 268 fd_set readfds; 269 struct sockaddr_in sin; 270 struct sockaddr_in6 sin6; 271 char *endptr; 272 SVCXPRT *udptransp, *tcptransp, *udp6transp, *tcp6transp; 273 struct netconfig *udpconf, *tcpconf, *udp6conf, *tcp6conf; 274 int udpsock, tcpsock, udp6sock, tcp6sock; 275 int xcreated = 0, s; 276 int maxrec = RPC_MAXDATASIZE; 277 int one = 1; 278 int c, r; 279 in_port_t svcport = 0; 280 281 udp6conf = tcp6conf = NULL; 282 udp6sock = tcp6sock = 0; 283 284 /* Check that another mountd isn't already running. */ 285 if ((mountdlockfd = (open(MOUNTDLOCK, O_RDONLY|O_CREAT, 0444))) == -1) 286 err(1, "%s", MOUNTDLOCK); 287 288 if(flock(mountdlockfd, LOCK_EX|LOCK_NB) == -1 && errno == EWOULDBLOCK) 289 errx(1, "another mountd is already running. Aborting"); 290 s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP); 291 if (s < 0) 292 have_v6 = 0; 293 else 294 close(s); 295 if (modfind("nfsserver") < 0) { 296 /* Not present in kernel, try loading it */ 297 if (kldload("nfsserver") < 0 || modfind("nfsserver") < 0) 298 errx(1, "NFS server is not available or loadable"); 299 } 300 301 while ((c = getopt(argc, argv, "2dlnp:r")) != -1) 302 switch (c) { 303 case '2': 304 force_v2 = 1; 305 break; 306 case 'n': 307 resvport_only = 0; 308 break; 309 case 'r': 310 dir_only = 0; 311 break; 312 case 'd': 313 debug = debug ? 0 : 1; 314 break; 315 case 'l': 316 dolog = 1; 317 break; 318 case 'p': 319 endptr = NULL; 320 svcport = (in_port_t)strtoul(optarg, &endptr, 10); 321 if (endptr == NULL || *endptr != '\0' || 322 svcport == 0 || svcport >= IPPORT_MAX) 323 usage(); 324 break; 325 default: 326 usage(); 327 }; 328 argc -= optind; 329 argv += optind; 330 grphead = (struct grouplist *)NULL; 331 exphead = (struct exportlist *)NULL; 332 mlhead = (struct mountlist *)NULL; 333 if (argc == 1) { 334 strncpy(exname, *argv, MAXPATHLEN-1); 335 exname[MAXPATHLEN-1] = '\0'; 336 } else 337 strcpy(exname, _PATH_EXPORTS); 338 openlog("mountd", LOG_PID, LOG_DAEMON); 339 if (debug) 340 warnx("getting export list"); 341 get_exportlist(); 342 if (debug) 343 warnx("getting mount list"); 344 get_mountlist(); 345 if (debug) 346 warnx("here we go"); 347 if (debug == 0) { 348 daemon(0, 0); 349 signal(SIGINT, SIG_IGN); 350 signal(SIGQUIT, SIG_IGN); 351 } 352 signal(SIGHUP, huphandler); 353 signal(SIGTERM, terminate); 354 { FILE *pidfile = fopen(_PATH_MOUNTDPID, "w"); 355 if (pidfile != NULL) { 356 fprintf(pidfile, "%d\n", getpid()); 357 fclose(pidfile); 358 } 359 } 360 rpcb_unset(RPCPROG_MNT, RPCMNT_VER1, NULL); 361 rpcb_unset(RPCPROG_MNT, RPCMNT_VER3, NULL); 362 udpsock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); 363 tcpsock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); 364 udpconf = getnetconfigent("udp"); 365 tcpconf = getnetconfigent("tcp"); 366 367 rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec); 368 369 if (!have_v6) 370 goto skip_v6; 371 udp6sock = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP); 372 tcp6sock = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP); 373 /* 374 * We're doing host-based access checks here, so don't allow 375 * v4-in-v6 to confuse things. The kernel will disable it 376 * by default on NFS sockets too. 377 */ 378 if (udp6sock != -1 && setsockopt(udp6sock, IPPROTO_IPV6, 379 IPV6_V6ONLY, &one, sizeof one) < 0) { 380 syslog(LOG_ERR, "can't disable v4-in-v6 on UDP socket"); 381 exit(1); 382 } 383 if (tcp6sock != -1 && setsockopt(tcp6sock, IPPROTO_IPV6, 384 IPV6_V6ONLY, &one, sizeof one) < 0) { 385 syslog(LOG_ERR, "can't disable v4-in-v6 on TCP socket"); 386 exit(1); 387 } 388 udp6conf = getnetconfigent("udp6"); 389 tcp6conf = getnetconfigent("tcp6"); 390 391 skip_v6: 392 if (!resvport_only) { 393 if (sysctlbyname("vfs.nfsrv.nfs_privport", NULL, NULL, 394 &resvport_only, sizeof(resvport_only)) != 0 && 395 errno != ENOENT) { 396 syslog(LOG_ERR, "sysctl: %m"); 397 exit(1); 398 } 399 } 400 if (svcport != 0) { 401 bzero(&sin, sizeof(struct sockaddr_in)); 402 sin.sin_len = sizeof(struct sockaddr_in); 403 sin.sin_family = AF_INET; 404 sin.sin_port = htons(svcport); 405 406 bzero(&sin6, sizeof(struct sockaddr_in6)); 407 sin6.sin6_len = sizeof(struct sockaddr_in6); 408 sin6.sin6_family = AF_INET6; 409 sin6.sin6_port = htons(svcport); 410 } 411 if (udpsock != -1 && udpconf != NULL) { 412 if (svcport != 0) { 413 r = bindresvport(udpsock, &sin); 414 if (r != 0) { 415 syslog(LOG_ERR, "bindresvport: %m"); 416 exit(1); 417 } 418 } else 419 (void)bindresvport(udpsock, NULL); 420 udptransp = svc_dg_create(udpsock, 0, 0); 421 if (udptransp != NULL) { 422 if (!svc_reg(udptransp, RPCPROG_MNT, RPCMNT_VER1, 423 mntsrv, udpconf)) 424 syslog(LOG_WARNING, "can't register UDP RPCMNT_VER1 service"); 425 else 426 xcreated++; 427 if (!force_v2) { 428 if (!svc_reg(udptransp, RPCPROG_MNT, RPCMNT_VER3, 429 mntsrv, udpconf)) 430 syslog(LOG_WARNING, "can't register UDP RPCMNT_VER3 service"); 431 else 432 xcreated++; 433 } 434 } else 435 syslog(LOG_WARNING, "can't create UDP services"); 436 437 } 438 if (tcpsock != -1 && tcpconf != NULL) { 439 if (svcport != 0) { 440 r = bindresvport(tcpsock, &sin); 441 if (r != 0) { 442 syslog(LOG_ERR, "bindresvport: %m"); 443 exit(1); 444 } 445 } else 446 (void)bindresvport(tcpsock, NULL); 447 listen(tcpsock, SOMAXCONN); 448 tcptransp = svc_vc_create(tcpsock, RPC_MAXDATASIZE, RPC_MAXDATASIZE); 449 if (tcptransp != NULL) { 450 if (!svc_reg(tcptransp, RPCPROG_MNT, RPCMNT_VER1, 451 mntsrv, tcpconf)) 452 syslog(LOG_WARNING, "can't register TCP RPCMNT_VER1 service"); 453 else 454 xcreated++; 455 if (!force_v2) { 456 if (!svc_reg(tcptransp, RPCPROG_MNT, RPCMNT_VER3, 457 mntsrv, tcpconf)) 458 syslog(LOG_WARNING, "can't register TCP RPCMNT_VER3 service"); 459 else 460 xcreated++; 461 } 462 } else 463 syslog(LOG_WARNING, "can't create TCP service"); 464 465 } 466 if (have_v6 && udp6sock != -1 && udp6conf != NULL) { 467 if (svcport != 0) { 468 r = bindresvport_sa(udp6sock, 469 (struct sockaddr *)&sin6); 470 if (r != 0) { 471 syslog(LOG_ERR, "bindresvport_sa: %m"); 472 exit(1); 473 } 474 } else 475 (void)bindresvport_sa(udp6sock, NULL); 476 udp6transp = svc_dg_create(udp6sock, 0, 0); 477 if (udp6transp != NULL) { 478 if (!svc_reg(udp6transp, RPCPROG_MNT, RPCMNT_VER1, 479 mntsrv, udp6conf)) 480 syslog(LOG_WARNING, "can't register UDP6 RPCMNT_VER1 service"); 481 else 482 xcreated++; 483 if (!force_v2) { 484 if (!svc_reg(udp6transp, RPCPROG_MNT, RPCMNT_VER3, 485 mntsrv, udp6conf)) 486 syslog(LOG_WARNING, "can't register UDP6 RPCMNT_VER3 service"); 487 else 488 xcreated++; 489 } 490 } else 491 syslog(LOG_WARNING, "can't create UDP6 service"); 492 493 } 494 if (have_v6 && tcp6sock != -1 && tcp6conf != NULL) { 495 if (svcport != 0) { 496 r = bindresvport_sa(tcp6sock, 497 (struct sockaddr *)&sin6); 498 if (r != 0) { 499 syslog(LOG_ERR, "bindresvport_sa: %m"); 500 exit(1); 501 } 502 } else 503 (void)bindresvport_sa(tcp6sock, NULL); 504 listen(tcp6sock, SOMAXCONN); 505 tcp6transp = svc_vc_create(tcp6sock, RPC_MAXDATASIZE, RPC_MAXDATASIZE); 506 if (tcp6transp != NULL) { 507 if (!svc_reg(tcp6transp, RPCPROG_MNT, RPCMNT_VER1, 508 mntsrv, tcp6conf)) 509 syslog(LOG_WARNING, "can't register TCP6 RPCMNT_VER1 service"); 510 else 511 xcreated++; 512 if (!force_v2) { 513 if (!svc_reg(tcp6transp, RPCPROG_MNT, RPCMNT_VER3, 514 mntsrv, tcp6conf)) 515 syslog(LOG_WARNING, "can't register TCP6 RPCMNT_VER3 service"); 516 else 517 xcreated++; 518 } 519 } else 520 syslog(LOG_WARNING, "can't create TCP6 service"); 521 522 } 523 if (xcreated == 0) { 524 syslog(LOG_ERR, "could not create any services"); 525 exit(1); 526 } 527 528 /* Expand svc_run() here so that we can call get_exportlist(). */ 529 for (;;) { 530 if (got_sighup) { 531 get_exportlist(); 532 got_sighup = 0; 533 } 534 readfds = svc_fdset; 535 switch (select(svc_maxfd + 1, &readfds, NULL, NULL, NULL)) { 536 case -1: 537 if (errno == EINTR) 538 continue; 539 syslog(LOG_ERR, "mountd died: select: %m"); 540 exit(1); 541 case 0: 542 continue; 543 default: 544 svc_getreqset(&readfds); 545 } 546 } 547 } 548 549 static void 550 usage() 551 { 552 fprintf(stderr, 553 "usage: mountd [-2] [-d] [-l] [-n] [-p <port>] [-r] " 554 "[export_file]\n"); 555 exit(1); 556 } 557 558 /* 559 * The mount rpc service 560 */ 561 void 562 mntsrv(rqstp, transp) 563 struct svc_req *rqstp; 564 SVCXPRT *transp; 565 { 566 struct exportlist *ep; 567 struct dirlist *dp; 568 struct fhreturn fhr; 569 struct stat stb; 570 struct statfs fsb; 571 char host[NI_MAXHOST], numerichost[NI_MAXHOST]; 572 int lookup_failed = 1; 573 struct sockaddr *saddr; 574 u_short sport; 575 char rpcpath[RPCMNT_PATHLEN + 1], dirpath[MAXPATHLEN]; 576 int bad = 0, defset, hostset; 577 sigset_t sighup_mask; 578 579 sigemptyset(&sighup_mask); 580 sigaddset(&sighup_mask, SIGHUP); 581 saddr = svc_getrpccaller(transp)->buf; 582 switch (saddr->sa_family) { 583 case AF_INET6: 584 sport = ntohs(((struct sockaddr_in6 *)saddr)->sin6_port); 585 break; 586 case AF_INET: 587 sport = ntohs(((struct sockaddr_in *)saddr)->sin_port); 588 break; 589 default: 590 syslog(LOG_ERR, "request from unknown address family"); 591 return; 592 } 593 lookup_failed = getnameinfo(saddr, saddr->sa_len, host, sizeof host, 594 NULL, 0, 0); 595 getnameinfo(saddr, saddr->sa_len, numerichost, 596 sizeof numerichost, NULL, 0, NI_NUMERICHOST); 597 switch (rqstp->rq_proc) { 598 case NULLPROC: 599 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL)) 600 syslog(LOG_ERR, "can't send reply"); 601 return; 602 case RPCMNT_MOUNT: 603 if (sport >= IPPORT_RESERVED && resvport_only) { 604 syslog(LOG_NOTICE, 605 "mount request from %s from unprivileged port", 606 numerichost); 607 svcerr_weakauth(transp); 608 return; 609 } 610 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) { 611 syslog(LOG_NOTICE, "undecodable mount request from %s", 612 numerichost); 613 svcerr_decode(transp); 614 return; 615 } 616 617 /* 618 * Get the real pathname and make sure it is a directory 619 * or a regular file if the -r option was specified 620 * and it exists. 621 */ 622 if (realpath(rpcpath, dirpath) == NULL || 623 stat(dirpath, &stb) < 0 || 624 (!S_ISDIR(stb.st_mode) && 625 (dir_only || !S_ISREG(stb.st_mode))) || 626 statfs(dirpath, &fsb) < 0) { 627 chdir("/"); /* Just in case realpath doesn't */ 628 syslog(LOG_NOTICE, 629 "mount request from %s for non existent path %s", 630 numerichost, dirpath); 631 if (debug) 632 warnx("stat failed on %s", dirpath); 633 bad = ENOENT; /* We will send error reply later */ 634 } 635 636 /* Check in the exports list */ 637 sigprocmask(SIG_BLOCK, &sighup_mask, NULL); 638 ep = ex_search(&fsb.f_fsid); 639 hostset = defset = 0; 640 if (ep && (chk_host(ep->ex_defdir, saddr, &defset, &hostset) || 641 ((dp = dirp_search(ep->ex_dirl, dirpath)) && 642 chk_host(dp, saddr, &defset, &hostset)) || 643 (defset && scan_tree(ep->ex_defdir, saddr) == 0 && 644 scan_tree(ep->ex_dirl, saddr) == 0))) { 645 if (bad) { 646 if (!svc_sendreply(transp, (xdrproc_t)xdr_long, 647 (caddr_t)&bad)) 648 syslog(LOG_ERR, "can't send reply"); 649 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 650 return; 651 } 652 if (hostset & DP_HOSTSET) 653 fhr.fhr_flag = hostset; 654 else 655 fhr.fhr_flag = defset; 656 fhr.fhr_vers = rqstp->rq_vers; 657 /* Get the file handle */ 658 memset(&fhr.fhr_fh, 0, sizeof(nfsfh_t)); 659 if (getfh(dirpath, (fhandle_t *)&fhr.fhr_fh) < 0) { 660 bad = errno; 661 syslog(LOG_ERR, "can't get fh for %s", dirpath); 662 if (!svc_sendreply(transp, (xdrproc_t)xdr_long, 663 (caddr_t)&bad)) 664 syslog(LOG_ERR, "can't send reply"); 665 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 666 return; 667 } 668 if (!svc_sendreply(transp, (xdrproc_t)xdr_fhs, 669 (caddr_t)&fhr)) 670 syslog(LOG_ERR, "can't send reply"); 671 if (!lookup_failed) 672 add_mlist(host, dirpath); 673 else 674 add_mlist(numerichost, dirpath); 675 if (debug) 676 warnx("mount successful"); 677 if (dolog) 678 syslog(LOG_NOTICE, 679 "mount request succeeded from %s for %s", 680 numerichost, dirpath); 681 } else { 682 bad = EACCES; 683 syslog(LOG_NOTICE, 684 "mount request denied from %s for %s", 685 numerichost, dirpath); 686 } 687 688 if (bad && !svc_sendreply(transp, (xdrproc_t)xdr_long, 689 (caddr_t)&bad)) 690 syslog(LOG_ERR, "can't send reply"); 691 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 692 return; 693 case RPCMNT_DUMP: 694 if (!svc_sendreply(transp, (xdrproc_t)xdr_mlist, (caddr_t)NULL)) 695 syslog(LOG_ERR, "can't send reply"); 696 else if (dolog) 697 syslog(LOG_NOTICE, 698 "dump request succeeded from %s", 699 numerichost); 700 return; 701 case RPCMNT_UMOUNT: 702 if (sport >= IPPORT_RESERVED && resvport_only) { 703 syslog(LOG_NOTICE, 704 "umount request from %s from unprivileged port", 705 numerichost); 706 svcerr_weakauth(transp); 707 return; 708 } 709 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) { 710 syslog(LOG_NOTICE, "undecodable umount request from %s", 711 numerichost); 712 svcerr_decode(transp); 713 return; 714 } 715 if (realpath(rpcpath, dirpath) == NULL) { 716 syslog(LOG_NOTICE, "umount request from %s " 717 "for non existent path %s", 718 numerichost, dirpath); 719 } 720 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, (caddr_t)NULL)) 721 syslog(LOG_ERR, "can't send reply"); 722 if (!lookup_failed) 723 del_mlist(host, dirpath); 724 del_mlist(numerichost, dirpath); 725 if (dolog) 726 syslog(LOG_NOTICE, 727 "umount request succeeded from %s for %s", 728 numerichost, dirpath); 729 return; 730 case RPCMNT_UMNTALL: 731 if (sport >= IPPORT_RESERVED && resvport_only) { 732 syslog(LOG_NOTICE, 733 "umountall request from %s from unprivileged port", 734 numerichost); 735 svcerr_weakauth(transp); 736 return; 737 } 738 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, (caddr_t)NULL)) 739 syslog(LOG_ERR, "can't send reply"); 740 if (!lookup_failed) 741 del_mlist(host, NULL); 742 del_mlist(numerichost, NULL); 743 if (dolog) 744 syslog(LOG_NOTICE, 745 "umountall request succeeded from %s", 746 numerichost); 747 return; 748 case RPCMNT_EXPORT: 749 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist, (caddr_t)NULL)) 750 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist_brief, 751 (caddr_t)NULL)) 752 syslog(LOG_ERR, "can't send reply"); 753 if (dolog) 754 syslog(LOG_NOTICE, 755 "export request succeeded from %s", 756 numerichost); 757 return; 758 default: 759 svcerr_noproc(transp); 760 return; 761 } 762 } 763 764 /* 765 * Xdr conversion for a dirpath string 766 */ 767 int 768 xdr_dir(xdrsp, dirp) 769 XDR *xdrsp; 770 char *dirp; 771 { 772 return (xdr_string(xdrsp, &dirp, RPCMNT_PATHLEN)); 773 } 774 775 /* 776 * Xdr routine to generate file handle reply 777 */ 778 int 779 xdr_fhs(xdrsp, cp) 780 XDR *xdrsp; 781 caddr_t cp; 782 { 783 struct fhreturn *fhrp = (struct fhreturn *)cp; 784 u_long ok = 0, len, auth; 785 786 if (!xdr_long(xdrsp, &ok)) 787 return (0); 788 switch (fhrp->fhr_vers) { 789 case 1: 790 return (xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, NFSX_V2FH)); 791 case 3: 792 len = NFSX_V3FH; 793 if (!xdr_long(xdrsp, &len)) 794 return (0); 795 if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len)) 796 return (0); 797 auth = RPCAUTH_UNIX; 798 len = 1; 799 if (!xdr_long(xdrsp, &len)) 800 return (0); 801 return (xdr_long(xdrsp, &auth)); 802 }; 803 return (0); 804 } 805 806 int 807 xdr_mlist(xdrsp, cp) 808 XDR *xdrsp; 809 caddr_t cp; 810 { 811 struct mountlist *mlp; 812 int true = 1; 813 int false = 0; 814 char *strp; 815 816 mlp = mlhead; 817 while (mlp) { 818 if (!xdr_bool(xdrsp, &true)) 819 return (0); 820 strp = &mlp->ml_host[0]; 821 if (!xdr_string(xdrsp, &strp, RPCMNT_NAMELEN)) 822 return (0); 823 strp = &mlp->ml_dirp[0]; 824 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN)) 825 return (0); 826 mlp = mlp->ml_next; 827 } 828 if (!xdr_bool(xdrsp, &false)) 829 return (0); 830 return (1); 831 } 832 833 /* 834 * Xdr conversion for export list 835 */ 836 int 837 xdr_explist_common(xdrsp, cp, brief) 838 XDR *xdrsp; 839 caddr_t cp; 840 int brief; 841 { 842 struct exportlist *ep; 843 int false = 0; 844 int putdef; 845 sigset_t sighup_mask; 846 847 sigemptyset(&sighup_mask); 848 sigaddset(&sighup_mask, SIGHUP); 849 sigprocmask(SIG_BLOCK, &sighup_mask, NULL); 850 ep = exphead; 851 while (ep) { 852 putdef = 0; 853 if (put_exlist(ep->ex_dirl, xdrsp, ep->ex_defdir, 854 &putdef, brief)) 855 goto errout; 856 if (ep->ex_defdir && putdef == 0 && 857 put_exlist(ep->ex_defdir, xdrsp, (struct dirlist *)NULL, 858 &putdef, brief)) 859 goto errout; 860 ep = ep->ex_next; 861 } 862 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 863 if (!xdr_bool(xdrsp, &false)) 864 return (0); 865 return (1); 866 errout: 867 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL); 868 return (0); 869 } 870 871 /* 872 * Called from xdr_explist() to traverse the tree and export the 873 * directory paths. 874 */ 875 int 876 put_exlist(dp, xdrsp, adp, putdefp, brief) 877 struct dirlist *dp; 878 XDR *xdrsp; 879 struct dirlist *adp; 880 int *putdefp; 881 int brief; 882 { 883 struct grouplist *grp; 884 struct hostlist *hp; 885 int true = 1; 886 int false = 0; 887 int gotalldir = 0; 888 char *strp; 889 890 if (dp) { 891 if (put_exlist(dp->dp_left, xdrsp, adp, putdefp, brief)) 892 return (1); 893 if (!xdr_bool(xdrsp, &true)) 894 return (1); 895 strp = dp->dp_dirp; 896 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN)) 897 return (1); 898 if (adp && !strcmp(dp->dp_dirp, adp->dp_dirp)) { 899 gotalldir = 1; 900 *putdefp = 1; 901 } 902 if (brief) { 903 if (!xdr_bool(xdrsp, &true)) 904 return (1); 905 strp = "(...)"; 906 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN)) 907 return (1); 908 } else if ((dp->dp_flag & DP_DEFSET) == 0 && 909 (gotalldir == 0 || (adp->dp_flag & DP_DEFSET) == 0)) { 910 hp = dp->dp_hosts; 911 while (hp) { 912 grp = hp->ht_grp; 913 if (grp->gr_type == GT_HOST) { 914 if (!xdr_bool(xdrsp, &true)) 915 return (1); 916 strp = grp->gr_ptr.gt_addrinfo->ai_canonname; 917 if (!xdr_string(xdrsp, &strp, 918 RPCMNT_NAMELEN)) 919 return (1); 920 } else if (grp->gr_type == GT_NET) { 921 if (!xdr_bool(xdrsp, &true)) 922 return (1); 923 strp = grp->gr_ptr.gt_net.nt_name; 924 if (!xdr_string(xdrsp, &strp, 925 RPCMNT_NAMELEN)) 926 return (1); 927 } 928 hp = hp->ht_next; 929 if (gotalldir && hp == (struct hostlist *)NULL) { 930 hp = adp->dp_hosts; 931 gotalldir = 0; 932 } 933 } 934 } 935 if (!xdr_bool(xdrsp, &false)) 936 return (1); 937 if (put_exlist(dp->dp_right, xdrsp, adp, putdefp, brief)) 938 return (1); 939 } 940 return (0); 941 } 942 943 int 944 xdr_explist(xdrsp, cp) 945 XDR *xdrsp; 946 caddr_t cp; 947 { 948 949 return xdr_explist_common(xdrsp, cp, 0); 950 } 951 952 int 953 xdr_explist_brief(xdrsp, cp) 954 XDR *xdrsp; 955 caddr_t cp; 956 { 957 958 return xdr_explist_common(xdrsp, cp, 1); 959 } 960 961 char *line; 962 int linesize; 963 FILE *exp_file; 964 965 /* 966 * Get the export list 967 */ 968 void 969 get_exportlist() 970 { 971 struct exportlist *ep, *ep2; 972 struct grouplist *grp, *tgrp; 973 struct exportlist **epp; 974 struct dirlist *dirhead; 975 struct statfs fsb, *fsp; 976 struct xucred anon; 977 char *cp, *endcp, *dirp, *hst, *usr, *dom, savedc; 978 int len, has_host, exflags, got_nondir, dirplen, num, i, netgrp; 979 980 dirp = NULL; 981 dirplen = 0; 982 983 /* 984 * First, get rid of the old list 985 */ 986 ep = exphead; 987 while (ep) { 988 ep2 = ep; 989 ep = ep->ex_next; 990 free_exp(ep2); 991 } 992 exphead = (struct exportlist *)NULL; 993 994 grp = grphead; 995 while (grp) { 996 tgrp = grp; 997 grp = grp->gr_next; 998 free_grp(tgrp); 999 } 1000 grphead = (struct grouplist *)NULL; 1001 1002 /* 1003 * And delete exports that are in the kernel for all local 1004 * filesystems. 1005 * XXX: Should know how to handle all local exportable filesystems 1006 * instead of just "ufs". 1007 */ 1008 num = getmntinfo(&fsp, MNT_NOWAIT); 1009 for (i = 0; i < num; i++) { 1010 union { 1011 struct ufs_args ua; 1012 struct iso_args ia; 1013 struct msdosfs_args da; 1014 struct ntfs_args na; 1015 } targs; 1016 1017 if (!strcmp(fsp->f_fstypename, "ufs") || 1018 !strcmp(fsp->f_fstypename, "msdosfs") || 1019 !strcmp(fsp->f_fstypename, "ntfs") || 1020 !strcmp(fsp->f_fstypename, "cd9660")) { 1021 bzero(&targs, sizeof targs); 1022 targs.ua.fspec = NULL; 1023 targs.ua.export.ex_flags = MNT_DELEXPORT; 1024 if (mount(fsp->f_fstypename, fsp->f_mntonname, 1025 fsp->f_flags | MNT_UPDATE, (caddr_t)&targs) < 0 && 1026 errno != ENOENT) 1027 syslog(LOG_ERR, 1028 "can't delete exports for %s: %m", 1029 fsp->f_mntonname); 1030 } 1031 fsp++; 1032 } 1033 1034 /* 1035 * Read in the exports file and build the list, calling 1036 * mount() as we go along to push the export rules into the kernel. 1037 */ 1038 if ((exp_file = fopen(exname, "r")) == NULL) { 1039 syslog(LOG_ERR, "can't open %s", exname); 1040 exit(2); 1041 } 1042 dirhead = (struct dirlist *)NULL; 1043 while (get_line()) { 1044 if (debug) 1045 warnx("got line %s", line); 1046 cp = line; 1047 nextfield(&cp, &endcp); 1048 if (*cp == '#') 1049 goto nextline; 1050 1051 /* 1052 * Set defaults. 1053 */ 1054 has_host = FALSE; 1055 anon = def_anon; 1056 exflags = MNT_EXPORTED; 1057 got_nondir = 0; 1058 opt_flags = 0; 1059 ep = (struct exportlist *)NULL; 1060 1061 /* 1062 * Create new exports list entry 1063 */ 1064 len = endcp-cp; 1065 tgrp = grp = get_grp(); 1066 while (len > 0) { 1067 if (len > RPCMNT_NAMELEN) { 1068 getexp_err(ep, tgrp); 1069 goto nextline; 1070 } 1071 if (*cp == '-') { 1072 if (ep == (struct exportlist *)NULL) { 1073 getexp_err(ep, tgrp); 1074 goto nextline; 1075 } 1076 if (debug) 1077 warnx("doing opt %s", cp); 1078 got_nondir = 1; 1079 if (do_opt(&cp, &endcp, ep, grp, &has_host, 1080 &exflags, &anon)) { 1081 getexp_err(ep, tgrp); 1082 goto nextline; 1083 } 1084 } else if (*cp == '/') { 1085 savedc = *endcp; 1086 *endcp = '\0'; 1087 if (check_dirpath(cp) && 1088 statfs(cp, &fsb) >= 0) { 1089 if (got_nondir) { 1090 syslog(LOG_ERR, "dirs must be first"); 1091 getexp_err(ep, tgrp); 1092 goto nextline; 1093 } 1094 if (ep) { 1095 if (ep->ex_fs.val[0] != fsb.f_fsid.val[0] || 1096 ep->ex_fs.val[1] != fsb.f_fsid.val[1]) { 1097 getexp_err(ep, tgrp); 1098 goto nextline; 1099 } 1100 } else { 1101 /* 1102 * See if this directory is already 1103 * in the list. 1104 */ 1105 ep = ex_search(&fsb.f_fsid); 1106 if (ep == (struct exportlist *)NULL) { 1107 ep = get_exp(); 1108 ep->ex_fs = fsb.f_fsid; 1109 ep->ex_fsdir = (char *) 1110 malloc(strlen(fsb.f_mntonname) + 1); 1111 if (ep->ex_fsdir) 1112 strcpy(ep->ex_fsdir, 1113 fsb.f_mntonname); 1114 else 1115 out_of_mem(); 1116 if (debug) 1117 warnx("making new ep fs=0x%x,0x%x", 1118 fsb.f_fsid.val[0], 1119 fsb.f_fsid.val[1]); 1120 } else if (debug) 1121 warnx("found ep fs=0x%x,0x%x", 1122 fsb.f_fsid.val[0], 1123 fsb.f_fsid.val[1]); 1124 } 1125 1126 /* 1127 * Add dirpath to export mount point. 1128 */ 1129 dirp = add_expdir(&dirhead, cp, len); 1130 dirplen = len; 1131 } else { 1132 getexp_err(ep, tgrp); 1133 goto nextline; 1134 } 1135 *endcp = savedc; 1136 } else { 1137 savedc = *endcp; 1138 *endcp = '\0'; 1139 got_nondir = 1; 1140 if (ep == (struct exportlist *)NULL) { 1141 getexp_err(ep, tgrp); 1142 goto nextline; 1143 } 1144 1145 /* 1146 * Get the host or netgroup. 1147 */ 1148 setnetgrent(cp); 1149 netgrp = getnetgrent(&hst, &usr, &dom); 1150 do { 1151 if (has_host) { 1152 grp->gr_next = get_grp(); 1153 grp = grp->gr_next; 1154 } 1155 if (netgrp) { 1156 if (hst == 0) { 1157 syslog(LOG_ERR, 1158 "null hostname in netgroup %s, skipping", cp); 1159 grp->gr_type = GT_IGNORE; 1160 } else if (get_host(hst, grp, tgrp)) { 1161 syslog(LOG_ERR, 1162 "bad host %s in netgroup %s, skipping", hst, cp); 1163 grp->gr_type = GT_IGNORE; 1164 } 1165 } else if (get_host(cp, grp, tgrp)) { 1166 syslog(LOG_ERR, "bad host %s, skipping", cp); 1167 grp->gr_type = GT_IGNORE; 1168 } 1169 has_host = TRUE; 1170 } while (netgrp && getnetgrent(&hst, &usr, &dom)); 1171 endnetgrent(); 1172 *endcp = savedc; 1173 } 1174 cp = endcp; 1175 nextfield(&cp, &endcp); 1176 len = endcp - cp; 1177 } 1178 if (check_options(dirhead)) { 1179 getexp_err(ep, tgrp); 1180 goto nextline; 1181 } 1182 if (!has_host) { 1183 grp->gr_type = GT_DEFAULT; 1184 if (debug) 1185 warnx("adding a default entry"); 1186 1187 /* 1188 * Don't allow a network export coincide with a list of 1189 * host(s) on the same line. 1190 */ 1191 } else if ((opt_flags & OP_NET) && tgrp->gr_next) { 1192 syslog(LOG_ERR, "network/host conflict"); 1193 getexp_err(ep, tgrp); 1194 goto nextline; 1195 1196 /* 1197 * If an export list was specified on this line, make sure 1198 * that we have at least one valid entry, otherwise skip it. 1199 */ 1200 } else { 1201 grp = tgrp; 1202 while (grp && grp->gr_type == GT_IGNORE) 1203 grp = grp->gr_next; 1204 if (! grp) { 1205 getexp_err(ep, tgrp); 1206 goto nextline; 1207 } 1208 } 1209 1210 /* 1211 * Loop through hosts, pushing the exports into the kernel. 1212 * After loop, tgrp points to the start of the list and 1213 * grp points to the last entry in the list. 1214 */ 1215 grp = tgrp; 1216 do { 1217 if (do_mount(ep, grp, exflags, &anon, dirp, dirplen, 1218 &fsb)) { 1219 getexp_err(ep, tgrp); 1220 goto nextline; 1221 } 1222 } while (grp->gr_next && (grp = grp->gr_next)); 1223 1224 /* 1225 * Success. Update the data structures. 1226 */ 1227 if (has_host) { 1228 hang_dirp(dirhead, tgrp, ep, opt_flags); 1229 grp->gr_next = grphead; 1230 grphead = tgrp; 1231 } else { 1232 hang_dirp(dirhead, (struct grouplist *)NULL, ep, 1233 opt_flags); 1234 free_grp(grp); 1235 } 1236 dirhead = (struct dirlist *)NULL; 1237 if ((ep->ex_flag & EX_LINKED) == 0) { 1238 ep2 = exphead; 1239 epp = &exphead; 1240 1241 /* 1242 * Insert in the list in alphabetical order. 1243 */ 1244 while (ep2 && strcmp(ep2->ex_fsdir, ep->ex_fsdir) < 0) { 1245 epp = &ep2->ex_next; 1246 ep2 = ep2->ex_next; 1247 } 1248 if (ep2) 1249 ep->ex_next = ep2; 1250 *epp = ep; 1251 ep->ex_flag |= EX_LINKED; 1252 } 1253 nextline: 1254 if (dirhead) { 1255 free_dir(dirhead); 1256 dirhead = (struct dirlist *)NULL; 1257 } 1258 } 1259 fclose(exp_file); 1260 } 1261 1262 /* 1263 * Allocate an export list element 1264 */ 1265 struct exportlist * 1266 get_exp() 1267 { 1268 struct exportlist *ep; 1269 1270 ep = (struct exportlist *)malloc(sizeof (struct exportlist)); 1271 if (ep == (struct exportlist *)NULL) 1272 out_of_mem(); 1273 memset(ep, 0, sizeof(struct exportlist)); 1274 return (ep); 1275 } 1276 1277 /* 1278 * Allocate a group list element 1279 */ 1280 struct grouplist * 1281 get_grp() 1282 { 1283 struct grouplist *gp; 1284 1285 gp = (struct grouplist *)malloc(sizeof (struct grouplist)); 1286 if (gp == (struct grouplist *)NULL) 1287 out_of_mem(); 1288 memset(gp, 0, sizeof(struct grouplist)); 1289 return (gp); 1290 } 1291 1292 /* 1293 * Clean up upon an error in get_exportlist(). 1294 */ 1295 void 1296 getexp_err(ep, grp) 1297 struct exportlist *ep; 1298 struct grouplist *grp; 1299 { 1300 struct grouplist *tgrp; 1301 1302 if (!(opt_flags & OP_QUIET)) 1303 syslog(LOG_ERR, "bad exports list line %s", line); 1304 if (ep && (ep->ex_flag & EX_LINKED) == 0) 1305 free_exp(ep); 1306 while (grp) { 1307 tgrp = grp; 1308 grp = grp->gr_next; 1309 free_grp(tgrp); 1310 } 1311 } 1312 1313 /* 1314 * Search the export list for a matching fs. 1315 */ 1316 struct exportlist * 1317 ex_search(fsid) 1318 fsid_t *fsid; 1319 { 1320 struct exportlist *ep; 1321 1322 ep = exphead; 1323 while (ep) { 1324 if (ep->ex_fs.val[0] == fsid->val[0] && 1325 ep->ex_fs.val[1] == fsid->val[1]) 1326 return (ep); 1327 ep = ep->ex_next; 1328 } 1329 return (ep); 1330 } 1331 1332 /* 1333 * Add a directory path to the list. 1334 */ 1335 char * 1336 add_expdir(dpp, cp, len) 1337 struct dirlist **dpp; 1338 char *cp; 1339 int len; 1340 { 1341 struct dirlist *dp; 1342 1343 dp = (struct dirlist *)malloc(sizeof (struct dirlist) + len); 1344 if (dp == (struct dirlist *)NULL) 1345 out_of_mem(); 1346 dp->dp_left = *dpp; 1347 dp->dp_right = (struct dirlist *)NULL; 1348 dp->dp_flag = 0; 1349 dp->dp_hosts = (struct hostlist *)NULL; 1350 strcpy(dp->dp_dirp, cp); 1351 *dpp = dp; 1352 return (dp->dp_dirp); 1353 } 1354 1355 /* 1356 * Hang the dir list element off the dirpath binary tree as required 1357 * and update the entry for host. 1358 */ 1359 void 1360 hang_dirp(dp, grp, ep, flags) 1361 struct dirlist *dp; 1362 struct grouplist *grp; 1363 struct exportlist *ep; 1364 int flags; 1365 { 1366 struct hostlist *hp; 1367 struct dirlist *dp2; 1368 1369 if (flags & OP_ALLDIRS) { 1370 if (ep->ex_defdir) 1371 free((caddr_t)dp); 1372 else 1373 ep->ex_defdir = dp; 1374 if (grp == (struct grouplist *)NULL) { 1375 ep->ex_defdir->dp_flag |= DP_DEFSET; 1376 } else while (grp) { 1377 hp = get_ht(); 1378 hp->ht_grp = grp; 1379 hp->ht_next = ep->ex_defdir->dp_hosts; 1380 ep->ex_defdir->dp_hosts = hp; 1381 grp = grp->gr_next; 1382 } 1383 } else { 1384 1385 /* 1386 * Loop through the directories adding them to the tree. 1387 */ 1388 while (dp) { 1389 dp2 = dp->dp_left; 1390 add_dlist(&ep->ex_dirl, dp, grp, flags); 1391 dp = dp2; 1392 } 1393 } 1394 } 1395 1396 /* 1397 * Traverse the binary tree either updating a node that is already there 1398 * for the new directory or adding the new node. 1399 */ 1400 void 1401 add_dlist(dpp, newdp, grp, flags) 1402 struct dirlist **dpp; 1403 struct dirlist *newdp; 1404 struct grouplist *grp; 1405 int flags; 1406 { 1407 struct dirlist *dp; 1408 struct hostlist *hp; 1409 int cmp; 1410 1411 dp = *dpp; 1412 if (dp) { 1413 cmp = strcmp(dp->dp_dirp, newdp->dp_dirp); 1414 if (cmp > 0) { 1415 add_dlist(&dp->dp_left, newdp, grp, flags); 1416 return; 1417 } else if (cmp < 0) { 1418 add_dlist(&dp->dp_right, newdp, grp, flags); 1419 return; 1420 } else 1421 free((caddr_t)newdp); 1422 } else { 1423 dp = newdp; 1424 dp->dp_left = (struct dirlist *)NULL; 1425 *dpp = dp; 1426 } 1427 if (grp) { 1428 1429 /* 1430 * Hang all of the host(s) off of the directory point. 1431 */ 1432 do { 1433 hp = get_ht(); 1434 hp->ht_grp = grp; 1435 hp->ht_next = dp->dp_hosts; 1436 dp->dp_hosts = hp; 1437 grp = grp->gr_next; 1438 } while (grp); 1439 } else { 1440 dp->dp_flag |= DP_DEFSET; 1441 } 1442 } 1443 1444 /* 1445 * Search for a dirpath on the export point. 1446 */ 1447 struct dirlist * 1448 dirp_search(dp, dirp) 1449 struct dirlist *dp; 1450 char *dirp; 1451 { 1452 int cmp; 1453 1454 if (dp) { 1455 cmp = strcmp(dp->dp_dirp, dirp); 1456 if (cmp > 0) 1457 return (dirp_search(dp->dp_left, dirp)); 1458 else if (cmp < 0) 1459 return (dirp_search(dp->dp_right, dirp)); 1460 else 1461 return (dp); 1462 } 1463 return (dp); 1464 } 1465 1466 /* 1467 * Scan for a host match in a directory tree. 1468 */ 1469 int 1470 chk_host(dp, saddr, defsetp, hostsetp) 1471 struct dirlist *dp; 1472 struct sockaddr *saddr; 1473 int *defsetp; 1474 int *hostsetp; 1475 { 1476 struct hostlist *hp; 1477 struct grouplist *grp; 1478 struct addrinfo *ai; 1479 1480 if (dp) { 1481 if (dp->dp_flag & DP_DEFSET) 1482 *defsetp = dp->dp_flag; 1483 hp = dp->dp_hosts; 1484 while (hp) { 1485 grp = hp->ht_grp; 1486 switch (grp->gr_type) { 1487 case GT_HOST: 1488 ai = grp->gr_ptr.gt_addrinfo; 1489 for (; ai; ai = ai->ai_next) { 1490 if (!sacmp(ai->ai_addr, saddr, NULL)) { 1491 *hostsetp = 1492 (hp->ht_flag | DP_HOSTSET); 1493 return (1); 1494 } 1495 } 1496 break; 1497 case GT_NET: 1498 if (!sacmp(saddr, (struct sockaddr *) 1499 &grp->gr_ptr.gt_net.nt_net, 1500 (struct sockaddr *) 1501 &grp->gr_ptr.gt_net.nt_mask)) { 1502 *hostsetp = (hp->ht_flag | DP_HOSTSET); 1503 return (1); 1504 } 1505 break; 1506 } 1507 hp = hp->ht_next; 1508 } 1509 } 1510 return (0); 1511 } 1512 1513 /* 1514 * Scan tree for a host that matches the address. 1515 */ 1516 int 1517 scan_tree(dp, saddr) 1518 struct dirlist *dp; 1519 struct sockaddr *saddr; 1520 { 1521 int defset, hostset; 1522 1523 if (dp) { 1524 if (scan_tree(dp->dp_left, saddr)) 1525 return (1); 1526 if (chk_host(dp, saddr, &defset, &hostset)) 1527 return (1); 1528 if (scan_tree(dp->dp_right, saddr)) 1529 return (1); 1530 } 1531 return (0); 1532 } 1533 1534 /* 1535 * Traverse the dirlist tree and free it up. 1536 */ 1537 void 1538 free_dir(dp) 1539 struct dirlist *dp; 1540 { 1541 1542 if (dp) { 1543 free_dir(dp->dp_left); 1544 free_dir(dp->dp_right); 1545 free_host(dp->dp_hosts); 1546 free((caddr_t)dp); 1547 } 1548 } 1549 1550 /* 1551 * Parse the option string and update fields. 1552 * Option arguments may either be -<option>=<value> or 1553 * -<option> <value> 1554 */ 1555 int 1556 do_opt(cpp, endcpp, ep, grp, has_hostp, exflagsp, cr) 1557 char **cpp, **endcpp; 1558 struct exportlist *ep; 1559 struct grouplist *grp; 1560 int *has_hostp; 1561 int *exflagsp; 1562 struct xucred *cr; 1563 { 1564 char *cpoptarg, *cpoptend; 1565 char *cp, *endcp, *cpopt, savedc, savedc2; 1566 int allflag, usedarg; 1567 1568 savedc2 = '\0'; 1569 cpopt = *cpp; 1570 cpopt++; 1571 cp = *endcpp; 1572 savedc = *cp; 1573 *cp = '\0'; 1574 while (cpopt && *cpopt) { 1575 allflag = 1; 1576 usedarg = -2; 1577 if ((cpoptend = strchr(cpopt, ','))) { 1578 *cpoptend++ = '\0'; 1579 if ((cpoptarg = strchr(cpopt, '='))) 1580 *cpoptarg++ = '\0'; 1581 } else { 1582 if ((cpoptarg = strchr(cpopt, '='))) 1583 *cpoptarg++ = '\0'; 1584 else { 1585 *cp = savedc; 1586 nextfield(&cp, &endcp); 1587 **endcpp = '\0'; 1588 if (endcp > cp && *cp != '-') { 1589 cpoptarg = cp; 1590 savedc2 = *endcp; 1591 *endcp = '\0'; 1592 usedarg = 0; 1593 } 1594 } 1595 } 1596 if (!strcmp(cpopt, "ro") || !strcmp(cpopt, "o")) { 1597 *exflagsp |= MNT_EXRDONLY; 1598 } else if (cpoptarg && (!strcmp(cpopt, "maproot") || 1599 !(allflag = strcmp(cpopt, "mapall")) || 1600 !strcmp(cpopt, "root") || !strcmp(cpopt, "r"))) { 1601 usedarg++; 1602 parsecred(cpoptarg, cr); 1603 if (allflag == 0) { 1604 *exflagsp |= MNT_EXPORTANON; 1605 opt_flags |= OP_MAPALL; 1606 } else 1607 opt_flags |= OP_MAPROOT; 1608 } else if (cpoptarg && (!strcmp(cpopt, "mask") || 1609 !strcmp(cpopt, "m"))) { 1610 if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) { 1611 syslog(LOG_ERR, "bad mask: %s", cpoptarg); 1612 return (1); 1613 } 1614 usedarg++; 1615 opt_flags |= OP_MASK; 1616 } else if (cpoptarg && (!strcmp(cpopt, "network") || 1617 !strcmp(cpopt, "n"))) { 1618 if (strchr(cpoptarg, '/') != NULL) { 1619 if (debug) 1620 fprintf(stderr, "setting OP_MASKLEN\n"); 1621 opt_flags |= OP_MASKLEN; 1622 } 1623 if (grp->gr_type != GT_NULL) { 1624 syslog(LOG_ERR, "network/host conflict"); 1625 return (1); 1626 } else if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 0)) { 1627 syslog(LOG_ERR, "bad net: %s", cpoptarg); 1628 return (1); 1629 } 1630 grp->gr_type = GT_NET; 1631 *has_hostp = 1; 1632 usedarg++; 1633 opt_flags |= OP_NET; 1634 } else if (!strcmp(cpopt, "alldirs")) { 1635 opt_flags |= OP_ALLDIRS; 1636 } else if (!strcmp(cpopt, "public")) { 1637 *exflagsp |= MNT_EXPUBLIC; 1638 } else if (!strcmp(cpopt, "webnfs")) { 1639 *exflagsp |= (MNT_EXPUBLIC|MNT_EXRDONLY|MNT_EXPORTANON); 1640 opt_flags |= OP_MAPALL; 1641 } else if (cpoptarg && !strcmp(cpopt, "index")) { 1642 ep->ex_indexfile = strdup(cpoptarg); 1643 } else if (!strcmp(cpopt, "quiet")) { 1644 opt_flags |= OP_QUIET; 1645 } else { 1646 syslog(LOG_ERR, "bad opt %s", cpopt); 1647 return (1); 1648 } 1649 if (usedarg >= 0) { 1650 *endcp = savedc2; 1651 **endcpp = savedc; 1652 if (usedarg > 0) { 1653 *cpp = cp; 1654 *endcpp = endcp; 1655 } 1656 return (0); 1657 } 1658 cpopt = cpoptend; 1659 } 1660 **endcpp = savedc; 1661 return (0); 1662 } 1663 1664 /* 1665 * Translate a character string to the corresponding list of network 1666 * addresses for a hostname. 1667 */ 1668 int 1669 get_host(cp, grp, tgrp) 1670 char *cp; 1671 struct grouplist *grp; 1672 struct grouplist *tgrp; 1673 { 1674 struct grouplist *checkgrp; 1675 struct addrinfo *ai, *tai, hints; 1676 int ecode; 1677 char host[NI_MAXHOST]; 1678 1679 if (grp->gr_type != GT_NULL) { 1680 syslog(LOG_ERR, "Bad netgroup type for ip host %s", cp); 1681 return (1); 1682 } 1683 memset(&hints, 0, sizeof hints); 1684 hints.ai_flags = AI_CANONNAME; 1685 hints.ai_protocol = IPPROTO_UDP; 1686 ecode = getaddrinfo(cp, NULL, &hints, &ai); 1687 if (ecode != 0) { 1688 syslog(LOG_ERR,"can't get address info for host %s", cp); 1689 return 1; 1690 } 1691 grp->gr_ptr.gt_addrinfo = ai; 1692 while (ai != NULL) { 1693 if (ai->ai_canonname == NULL) { 1694 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host, 1695 sizeof host, NULL, 0, ninumeric) != 0) 1696 strlcpy(host, "?", sizeof(host)); 1697 ai->ai_canonname = strdup(host); 1698 ai->ai_flags |= AI_CANONNAME; 1699 } 1700 if (debug) 1701 fprintf(stderr, "got host %s\n", ai->ai_canonname); 1702 /* 1703 * Sanity check: make sure we don't already have an entry 1704 * for this host in the grouplist. 1705 */ 1706 for (checkgrp = tgrp; checkgrp != NULL; 1707 checkgrp = checkgrp->gr_next) { 1708 if (checkgrp->gr_type != GT_HOST) 1709 continue; 1710 for (tai = checkgrp->gr_ptr.gt_addrinfo; tai != NULL; 1711 tai = tai->ai_next) { 1712 if (sacmp(tai->ai_addr, ai->ai_addr, NULL) != 0) 1713 continue; 1714 if (debug) 1715 fprintf(stderr, 1716 "ignoring duplicate host %s\n", 1717 ai->ai_canonname); 1718 grp->gr_type = GT_IGNORE; 1719 return (0); 1720 } 1721 } 1722 ai = ai->ai_next; 1723 } 1724 grp->gr_type = GT_HOST; 1725 return (0); 1726 } 1727 1728 /* 1729 * Free up an exports list component 1730 */ 1731 void 1732 free_exp(ep) 1733 struct exportlist *ep; 1734 { 1735 1736 if (ep->ex_defdir) { 1737 free_host(ep->ex_defdir->dp_hosts); 1738 free((caddr_t)ep->ex_defdir); 1739 } 1740 if (ep->ex_fsdir) 1741 free(ep->ex_fsdir); 1742 if (ep->ex_indexfile) 1743 free(ep->ex_indexfile); 1744 free_dir(ep->ex_dirl); 1745 free((caddr_t)ep); 1746 } 1747 1748 /* 1749 * Free hosts. 1750 */ 1751 void 1752 free_host(hp) 1753 struct hostlist *hp; 1754 { 1755 struct hostlist *hp2; 1756 1757 while (hp) { 1758 hp2 = hp; 1759 hp = hp->ht_next; 1760 free((caddr_t)hp2); 1761 } 1762 } 1763 1764 struct hostlist * 1765 get_ht() 1766 { 1767 struct hostlist *hp; 1768 1769 hp = (struct hostlist *)malloc(sizeof (struct hostlist)); 1770 if (hp == (struct hostlist *)NULL) 1771 out_of_mem(); 1772 hp->ht_next = (struct hostlist *)NULL; 1773 hp->ht_flag = 0; 1774 return (hp); 1775 } 1776 1777 /* 1778 * Out of memory, fatal 1779 */ 1780 void 1781 out_of_mem() 1782 { 1783 1784 syslog(LOG_ERR, "out of memory"); 1785 exit(2); 1786 } 1787 1788 /* 1789 * Do the mount syscall with the update flag to push the export info into 1790 * the kernel. 1791 */ 1792 int 1793 do_mount(ep, grp, exflags, anoncrp, dirp, dirplen, fsb) 1794 struct exportlist *ep; 1795 struct grouplist *grp; 1796 int exflags; 1797 struct xucred *anoncrp; 1798 char *dirp; 1799 int dirplen; 1800 struct statfs *fsb; 1801 { 1802 struct statfs fsb1; 1803 struct addrinfo *ai; 1804 struct export_args *eap; 1805 char *cp = NULL; 1806 int done; 1807 char savedc = '\0'; 1808 union { 1809 struct ufs_args ua; 1810 struct iso_args ia; 1811 struct msdosfs_args da; 1812 struct ntfs_args na; 1813 } args; 1814 1815 bzero(&args, sizeof args); 1816 /* XXX, we assume that all xx_args look like ufs_args. */ 1817 args.ua.fspec = 0; 1818 eap = &args.ua.export; 1819 1820 eap->ex_flags = exflags; 1821 eap->ex_anon = *anoncrp; 1822 eap->ex_indexfile = ep->ex_indexfile; 1823 if (grp->gr_type == GT_HOST) 1824 ai = grp->gr_ptr.gt_addrinfo; 1825 else 1826 ai = NULL; 1827 done = FALSE; 1828 while (!done) { 1829 switch (grp->gr_type) { 1830 case GT_HOST: 1831 if (ai->ai_addr->sa_family == AF_INET6 && have_v6 == 0) 1832 goto skip; 1833 eap->ex_addr = ai->ai_addr; 1834 eap->ex_addrlen = ai->ai_addrlen; 1835 eap->ex_masklen = 0; 1836 break; 1837 case GT_NET: 1838 if (grp->gr_ptr.gt_net.nt_net.ss_family == AF_INET6 && 1839 have_v6 == 0) 1840 goto skip; 1841 eap->ex_addr = 1842 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_net; 1843 eap->ex_addrlen = args.ua.export.ex_addr->sa_len; 1844 eap->ex_mask = 1845 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask; 1846 eap->ex_masklen = args.ua.export.ex_mask->sa_len; 1847 break; 1848 case GT_DEFAULT: 1849 eap->ex_addr = NULL; 1850 eap->ex_addrlen = 0; 1851 eap->ex_mask = NULL; 1852 eap->ex_masklen = 0; 1853 break; 1854 case GT_IGNORE: 1855 return(0); 1856 break; 1857 default: 1858 syslog(LOG_ERR, "bad grouptype"); 1859 if (cp) 1860 *cp = savedc; 1861 return (1); 1862 }; 1863 1864 /* 1865 * XXX: 1866 * Maybe I should just use the fsb->f_mntonname path instead 1867 * of looping back up the dirp to the mount point?? 1868 * Also, needs to know how to export all types of local 1869 * exportable filesystems and not just "ufs". 1870 */ 1871 while (mount(fsb->f_fstypename, dirp, 1872 fsb->f_flags | MNT_UPDATE, (caddr_t)&args) < 0) { 1873 if (cp) 1874 *cp-- = savedc; 1875 else 1876 cp = dirp + dirplen - 1; 1877 if (opt_flags & OP_QUIET) 1878 return (1); 1879 if (errno == EPERM) { 1880 if (debug) 1881 warnx("can't change attributes for %s", 1882 dirp); 1883 syslog(LOG_ERR, 1884 "can't change attributes for %s", dirp); 1885 return (1); 1886 } 1887 if (opt_flags & OP_ALLDIRS) { 1888 if (errno == EINVAL) 1889 syslog(LOG_ERR, 1890 "-alldirs requested but %s is not a filesystem mountpoint", 1891 dirp); 1892 else 1893 syslog(LOG_ERR, 1894 "could not remount %s: %m", 1895 dirp); 1896 return (1); 1897 } 1898 /* back up over the last component */ 1899 while (*cp == '/' && cp > dirp) 1900 cp--; 1901 while (*(cp - 1) != '/' && cp > dirp) 1902 cp--; 1903 if (cp == dirp) { 1904 if (debug) 1905 warnx("mnt unsucc"); 1906 syslog(LOG_ERR, "can't export %s", dirp); 1907 return (1); 1908 } 1909 savedc = *cp; 1910 *cp = '\0'; 1911 /* Check that we're still on the same filesystem. */ 1912 if (statfs(dirp, &fsb1) != 0 || bcmp(&fsb1.f_fsid, 1913 &fsb->f_fsid, sizeof(fsb1.f_fsid)) != 0) { 1914 *cp = savedc; 1915 syslog(LOG_ERR, "can't export %s", dirp); 1916 return (1); 1917 } 1918 } 1919 skip: 1920 if (ai != NULL) 1921 ai = ai->ai_next; 1922 if (ai == NULL) 1923 done = TRUE; 1924 } 1925 if (cp) 1926 *cp = savedc; 1927 return (0); 1928 } 1929 1930 /* 1931 * Translate a net address. 1932 * 1933 * If `maskflg' is nonzero, then `cp' is a netmask, not a network address. 1934 */ 1935 int 1936 get_net(cp, net, maskflg) 1937 char *cp; 1938 struct netmsk *net; 1939 int maskflg; 1940 { 1941 struct netent *np = NULL; 1942 char *name, *p, *prefp; 1943 struct sockaddr_in sin; 1944 struct sockaddr *sa = NULL; 1945 struct addrinfo hints, *ai = NULL; 1946 char netname[NI_MAXHOST]; 1947 long preflen; 1948 1949 p = prefp = NULL; 1950 if ((opt_flags & OP_MASKLEN) && !maskflg) { 1951 p = strchr(cp, '/'); 1952 *p = '\0'; 1953 prefp = p + 1; 1954 } 1955 1956 /* 1957 * Check for a numeric address first. We wish to avoid 1958 * possible DNS lookups in getnetbyname(). 1959 */ 1960 if (isxdigit(*cp) || *cp == ':') { 1961 memset(&hints, 0, sizeof hints); 1962 /* Ensure the mask and the network have the same family. */ 1963 if (maskflg && (opt_flags & OP_NET)) 1964 hints.ai_family = net->nt_net.ss_family; 1965 else if (!maskflg && (opt_flags & OP_HAVEMASK)) 1966 hints.ai_family = net->nt_mask.ss_family; 1967 else 1968 hints.ai_family = AF_UNSPEC; 1969 hints.ai_flags = AI_NUMERICHOST; 1970 if (getaddrinfo(cp, NULL, &hints, &ai) == 0) 1971 sa = ai->ai_addr; 1972 if (sa != NULL && ai->ai_family == AF_INET) { 1973 /* 1974 * The address in `cp' is really a network address, so 1975 * use inet_network() to re-interpret this correctly. 1976 * e.g. "127.1" means 127.1.0.0, not 127.0.0.1. 1977 */ 1978 bzero(&sin, sizeof sin); 1979 sin.sin_family = AF_INET; 1980 sin.sin_len = sizeof sin; 1981 sin.sin_addr = inet_makeaddr(inet_network(cp), 0); 1982 if (debug) 1983 fprintf(stderr, "get_net: v4 addr %s\n", 1984 inet_ntoa(sin.sin_addr)); 1985 sa = (struct sockaddr *)&sin; 1986 } 1987 } 1988 if (sa == NULL && (np = getnetbyname(cp)) != NULL) { 1989 bzero(&sin, sizeof sin); 1990 sin.sin_family = AF_INET; 1991 sin.sin_len = sizeof sin; 1992 sin.sin_addr = inet_makeaddr(np->n_net, 0); 1993 sa = (struct sockaddr *)&sin; 1994 } 1995 if (sa == NULL) 1996 goto fail; 1997 1998 if (maskflg) { 1999 /* The specified sockaddr is a mask. */ 2000 if (checkmask(sa) != 0) 2001 goto fail; 2002 bcopy(sa, &net->nt_mask, sa->sa_len); 2003 opt_flags |= OP_HAVEMASK; 2004 } else { 2005 /* The specified sockaddr is a network address. */ 2006 bcopy(sa, &net->nt_net, sa->sa_len); 2007 2008 /* Get a network name for the export list. */ 2009 if (np) { 2010 name = np->n_name; 2011 } else if (getnameinfo(sa, sa->sa_len, netname, sizeof netname, 2012 NULL, 0, ninumeric) == 0) { 2013 name = netname; 2014 } else { 2015 goto fail; 2016 } 2017 if ((net->nt_name = strdup(name)) == NULL) 2018 out_of_mem(); 2019 2020 /* 2021 * Extract a mask from either a "/<masklen>" suffix, or 2022 * from the class of an IPv4 address. 2023 */ 2024 if (opt_flags & OP_MASKLEN) { 2025 preflen = strtol(prefp, NULL, 10); 2026 if (preflen < 0L || preflen == LONG_MAX) 2027 goto fail; 2028 bcopy(sa, &net->nt_mask, sa->sa_len); 2029 if (makemask(&net->nt_mask, (int)preflen) != 0) 2030 goto fail; 2031 opt_flags |= OP_HAVEMASK; 2032 *p = '/'; 2033 } else if (sa->sa_family == AF_INET && 2034 (opt_flags & OP_MASK) == 0) { 2035 in_addr_t addr; 2036 2037 addr = ((struct sockaddr_in *)sa)->sin_addr.s_addr; 2038 if (IN_CLASSA(addr)) 2039 preflen = 8; 2040 else if (IN_CLASSB(addr)) 2041 preflen = 16; 2042 else if (IN_CLASSC(addr)) 2043 preflen = 24; 2044 else if (IN_CLASSD(addr)) 2045 preflen = 28; 2046 else 2047 preflen = 32; /* XXX */ 2048 2049 bcopy(sa, &net->nt_mask, sa->sa_len); 2050 makemask(&net->nt_mask, (int)preflen); 2051 opt_flags |= OP_HAVEMASK; 2052 } 2053 } 2054 2055 if (ai) 2056 freeaddrinfo(ai); 2057 return 0; 2058 2059 fail: 2060 if (ai) 2061 freeaddrinfo(ai); 2062 return 1; 2063 } 2064 2065 /* 2066 * Parse out the next white space separated field 2067 */ 2068 void 2069 nextfield(cp, endcp) 2070 char **cp; 2071 char **endcp; 2072 { 2073 char *p; 2074 2075 p = *cp; 2076 while (*p == ' ' || *p == '\t') 2077 p++; 2078 if (*p == '\n' || *p == '\0') 2079 *cp = *endcp = p; 2080 else { 2081 *cp = p++; 2082 while (*p != ' ' && *p != '\t' && *p != '\n' && *p != '\0') 2083 p++; 2084 *endcp = p; 2085 } 2086 } 2087 2088 /* 2089 * Get an exports file line. Skip over blank lines and handle line 2090 * continuations. 2091 */ 2092 int 2093 get_line() 2094 { 2095 char *p, *cp; 2096 size_t len; 2097 int totlen, cont_line; 2098 2099 /* 2100 * Loop around ignoring blank lines and getting all continuation lines. 2101 */ 2102 p = line; 2103 totlen = 0; 2104 do { 2105 if ((p = fgetln(exp_file, &len)) == NULL) 2106 return (0); 2107 cp = p + len - 1; 2108 cont_line = 0; 2109 while (cp >= p && 2110 (*cp == ' ' || *cp == '\t' || *cp == '\n' || *cp == '\\')) { 2111 if (*cp == '\\') 2112 cont_line = 1; 2113 cp--; 2114 len--; 2115 } 2116 if (cont_line) { 2117 *++cp = ' '; 2118 len++; 2119 } 2120 if (linesize < len + totlen + 1) { 2121 linesize = len + totlen + 1; 2122 line = realloc(line, linesize); 2123 if (line == NULL) 2124 out_of_mem(); 2125 } 2126 memcpy(line + totlen, p, len); 2127 totlen += len; 2128 line[totlen] = '\0'; 2129 } while (totlen == 0 || cont_line); 2130 return (1); 2131 } 2132 2133 /* 2134 * Parse a description of a credential. 2135 */ 2136 void 2137 parsecred(namelist, cr) 2138 char *namelist; 2139 struct xucred *cr; 2140 { 2141 char *name; 2142 int cnt; 2143 char *names; 2144 struct passwd *pw; 2145 struct group *gr; 2146 gid_t groups[NGROUPS + 1]; 2147 int ngroups; 2148 2149 cr->cr_version = XUCRED_VERSION; 2150 /* 2151 * Set up the unprivileged user. 2152 */ 2153 cr->cr_uid = -2; 2154 cr->cr_groups[0] = -2; 2155 cr->cr_ngroups = 1; 2156 /* 2157 * Get the user's password table entry. 2158 */ 2159 names = strsep(&namelist, " \t\n"); 2160 name = strsep(&names, ":"); 2161 if (isdigit(*name) || *name == '-') 2162 pw = getpwuid(atoi(name)); 2163 else 2164 pw = getpwnam(name); 2165 /* 2166 * Credentials specified as those of a user. 2167 */ 2168 if (names == NULL) { 2169 if (pw == NULL) { 2170 syslog(LOG_ERR, "unknown user: %s", name); 2171 return; 2172 } 2173 cr->cr_uid = pw->pw_uid; 2174 ngroups = NGROUPS + 1; 2175 if (getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups)) 2176 syslog(LOG_ERR, "too many groups"); 2177 /* 2178 * Compress out duplicate. 2179 */ 2180 cr->cr_ngroups = ngroups - 1; 2181 cr->cr_groups[0] = groups[0]; 2182 for (cnt = 2; cnt < ngroups; cnt++) 2183 cr->cr_groups[cnt - 1] = groups[cnt]; 2184 return; 2185 } 2186 /* 2187 * Explicit credential specified as a colon separated list: 2188 * uid:gid:gid:... 2189 */ 2190 if (pw != NULL) 2191 cr->cr_uid = pw->pw_uid; 2192 else if (isdigit(*name) || *name == '-') 2193 cr->cr_uid = atoi(name); 2194 else { 2195 syslog(LOG_ERR, "unknown user: %s", name); 2196 return; 2197 } 2198 cr->cr_ngroups = 0; 2199 while (names != NULL && *names != '\0' && cr->cr_ngroups < NGROUPS) { 2200 name = strsep(&names, ":"); 2201 if (isdigit(*name) || *name == '-') { 2202 cr->cr_groups[cr->cr_ngroups++] = atoi(name); 2203 } else { 2204 if ((gr = getgrnam(name)) == NULL) { 2205 syslog(LOG_ERR, "unknown group: %s", name); 2206 continue; 2207 } 2208 cr->cr_groups[cr->cr_ngroups++] = gr->gr_gid; 2209 } 2210 } 2211 if (names != NULL && *names != '\0' && cr->cr_ngroups == NGROUPS) 2212 syslog(LOG_ERR, "too many groups"); 2213 } 2214 2215 #define STRSIZ (RPCMNT_NAMELEN+RPCMNT_PATHLEN+50) 2216 /* 2217 * Routines that maintain the remote mounttab 2218 */ 2219 void 2220 get_mountlist() 2221 { 2222 struct mountlist *mlp, **mlpp; 2223 char *host, *dirp, *cp; 2224 char str[STRSIZ]; 2225 FILE *mlfile; 2226 2227 if ((mlfile = fopen(_PATH_RMOUNTLIST, "r")) == NULL) { 2228 if (errno == ENOENT) 2229 return; 2230 else { 2231 syslog(LOG_ERR, "can't open %s", _PATH_RMOUNTLIST); 2232 return; 2233 } 2234 } 2235 mlpp = &mlhead; 2236 while (fgets(str, STRSIZ, mlfile) != NULL) { 2237 cp = str; 2238 host = strsep(&cp, " \t\n"); 2239 dirp = strsep(&cp, " \t\n"); 2240 if (host == NULL || dirp == NULL) 2241 continue; 2242 mlp = (struct mountlist *)malloc(sizeof (*mlp)); 2243 if (mlp == (struct mountlist *)NULL) 2244 out_of_mem(); 2245 strncpy(mlp->ml_host, host, RPCMNT_NAMELEN); 2246 mlp->ml_host[RPCMNT_NAMELEN] = '\0'; 2247 strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN); 2248 mlp->ml_dirp[RPCMNT_PATHLEN] = '\0'; 2249 mlp->ml_next = (struct mountlist *)NULL; 2250 *mlpp = mlp; 2251 mlpp = &mlp->ml_next; 2252 } 2253 fclose(mlfile); 2254 } 2255 2256 void 2257 del_mlist(char *hostp, char *dirp) 2258 { 2259 struct mountlist *mlp, **mlpp; 2260 struct mountlist *mlp2; 2261 FILE *mlfile; 2262 int fnd = 0; 2263 2264 mlpp = &mlhead; 2265 mlp = mlhead; 2266 while (mlp) { 2267 if (!strcmp(mlp->ml_host, hostp) && 2268 (!dirp || !strcmp(mlp->ml_dirp, dirp))) { 2269 fnd = 1; 2270 mlp2 = mlp; 2271 *mlpp = mlp = mlp->ml_next; 2272 free((caddr_t)mlp2); 2273 } else { 2274 mlpp = &mlp->ml_next; 2275 mlp = mlp->ml_next; 2276 } 2277 } 2278 if (fnd) { 2279 if ((mlfile = fopen(_PATH_RMOUNTLIST, "w")) == NULL) { 2280 syslog(LOG_ERR,"can't update %s", _PATH_RMOUNTLIST); 2281 return; 2282 } 2283 mlp = mlhead; 2284 while (mlp) { 2285 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp); 2286 mlp = mlp->ml_next; 2287 } 2288 fclose(mlfile); 2289 } 2290 } 2291 2292 void 2293 add_mlist(hostp, dirp) 2294 char *hostp, *dirp; 2295 { 2296 struct mountlist *mlp, **mlpp; 2297 FILE *mlfile; 2298 2299 mlpp = &mlhead; 2300 mlp = mlhead; 2301 while (mlp) { 2302 if (!strcmp(mlp->ml_host, hostp) && !strcmp(mlp->ml_dirp, dirp)) 2303 return; 2304 mlpp = &mlp->ml_next; 2305 mlp = mlp->ml_next; 2306 } 2307 mlp = (struct mountlist *)malloc(sizeof (*mlp)); 2308 if (mlp == (struct mountlist *)NULL) 2309 out_of_mem(); 2310 strncpy(mlp->ml_host, hostp, RPCMNT_NAMELEN); 2311 mlp->ml_host[RPCMNT_NAMELEN] = '\0'; 2312 strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN); 2313 mlp->ml_dirp[RPCMNT_PATHLEN] = '\0'; 2314 mlp->ml_next = (struct mountlist *)NULL; 2315 *mlpp = mlp; 2316 if ((mlfile = fopen(_PATH_RMOUNTLIST, "a")) == NULL) { 2317 syslog(LOG_ERR, "can't update %s", _PATH_RMOUNTLIST); 2318 return; 2319 } 2320 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp); 2321 fclose(mlfile); 2322 } 2323 2324 /* 2325 * Free up a group list. 2326 */ 2327 void 2328 free_grp(grp) 2329 struct grouplist *grp; 2330 { 2331 if (grp->gr_type == GT_HOST) { 2332 if (grp->gr_ptr.gt_addrinfo != NULL) 2333 freeaddrinfo(grp->gr_ptr.gt_addrinfo); 2334 } else if (grp->gr_type == GT_NET) { 2335 if (grp->gr_ptr.gt_net.nt_name) 2336 free(grp->gr_ptr.gt_net.nt_name); 2337 } 2338 free((caddr_t)grp); 2339 } 2340 2341 #ifdef DEBUG 2342 void 2343 SYSLOG(int pri, const char *fmt, ...) 2344 { 2345 va_list ap; 2346 2347 va_start(ap, fmt); 2348 vfprintf(stderr, fmt, ap); 2349 va_end(ap); 2350 } 2351 #endif /* DEBUG */ 2352 2353 /* 2354 * Check options for consistency. 2355 */ 2356 int 2357 check_options(dp) 2358 struct dirlist *dp; 2359 { 2360 2361 if (dp == (struct dirlist *)NULL) 2362 return (1); 2363 if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) { 2364 syslog(LOG_ERR, "-mapall and -maproot mutually exclusive"); 2365 return (1); 2366 } 2367 if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) { 2368 syslog(LOG_ERR, "-mask requires -network"); 2369 return (1); 2370 } 2371 if ((opt_flags & OP_NET) && (opt_flags & OP_HAVEMASK) == 0) { 2372 syslog(LOG_ERR, "-network requires mask specification"); 2373 return (1); 2374 } 2375 if ((opt_flags & OP_MASK) && (opt_flags & OP_MASKLEN)) { 2376 syslog(LOG_ERR, "-mask and /masklen are mutually exclusive"); 2377 return (1); 2378 } 2379 if ((opt_flags & OP_ALLDIRS) && dp->dp_left) { 2380 syslog(LOG_ERR, "-alldirs has multiple directories"); 2381 return (1); 2382 } 2383 return (0); 2384 } 2385 2386 /* 2387 * Check an absolute directory path for any symbolic links. Return true 2388 */ 2389 int 2390 check_dirpath(dirp) 2391 char *dirp; 2392 { 2393 char *cp; 2394 int ret = 1; 2395 struct stat sb; 2396 2397 cp = dirp + 1; 2398 while (*cp && ret) { 2399 if (*cp == '/') { 2400 *cp = '\0'; 2401 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode)) 2402 ret = 0; 2403 *cp = '/'; 2404 } 2405 cp++; 2406 } 2407 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode)) 2408 ret = 0; 2409 return (ret); 2410 } 2411 2412 /* 2413 * Make a netmask according to the specified prefix length. The ss_family 2414 * and other non-address fields must be initialised before calling this. 2415 */ 2416 int 2417 makemask(struct sockaddr_storage *ssp, int bitlen) 2418 { 2419 u_char *p; 2420 int bits, i, len; 2421 2422 if ((p = sa_rawaddr((struct sockaddr *)ssp, &len)) == NULL) 2423 return (-1); 2424 if (bitlen > len * CHAR_BIT) 2425 return (-1); 2426 2427 for (i = 0; i < len; i++) { 2428 bits = (bitlen > CHAR_BIT) ? CHAR_BIT : bitlen; 2429 *p++ = (1 << bits) - 1; 2430 bitlen -= bits; 2431 } 2432 return 0; 2433 } 2434 2435 /* 2436 * Check that the sockaddr is a valid netmask. Returns 0 if the mask 2437 * is acceptable (i.e. of the form 1...10....0). 2438 */ 2439 int 2440 checkmask(struct sockaddr *sa) 2441 { 2442 u_char *mask; 2443 int i, len; 2444 2445 if ((mask = sa_rawaddr(sa, &len)) == NULL) 2446 return (-1); 2447 2448 for (i = 0; i < len; i++) 2449 if (mask[i] != 0xff) 2450 break; 2451 if (i < len) { 2452 if (~mask[i] & (u_char)(~mask[i] + 1)) 2453 return (-1); 2454 i++; 2455 } 2456 for (; i < len; i++) 2457 if (mask[i] != 0) 2458 return (-1); 2459 return (0); 2460 } 2461 2462 /* 2463 * Compare two sockaddrs according to a specified mask. Return zero if 2464 * `sa1' matches `sa2' when filtered by the netmask in `samask'. 2465 * If samask is NULL, perform a full comparision. 2466 */ 2467 int 2468 sacmp(struct sockaddr *sa1, struct sockaddr *sa2, struct sockaddr *samask) 2469 { 2470 unsigned char *p1, *p2, *mask; 2471 int len, i; 2472 2473 if (sa1->sa_family != sa2->sa_family || 2474 (p1 = sa_rawaddr(sa1, &len)) == NULL || 2475 (p2 = sa_rawaddr(sa2, NULL)) == NULL) 2476 return (1); 2477 2478 switch (sa1->sa_family) { 2479 case AF_INET6: 2480 if (((struct sockaddr_in6 *)sa1)->sin6_scope_id != 2481 ((struct sockaddr_in6 *)sa2)->sin6_scope_id) 2482 return (1); 2483 break; 2484 } 2485 2486 /* Simple binary comparison if no mask specified. */ 2487 if (samask == NULL) 2488 return (memcmp(p1, p2, len)); 2489 2490 /* Set up the mask, and do a mask-based comparison. */ 2491 if (sa1->sa_family != samask->sa_family || 2492 (mask = sa_rawaddr(samask, NULL)) == NULL) 2493 return (1); 2494 2495 for (i = 0; i < len; i++) 2496 if ((p1[i] & mask[i]) != (p2[i] & mask[i])) 2497 return (1); 2498 return (0); 2499 } 2500 2501 /* 2502 * Return a pointer to the part of the sockaddr that contains the 2503 * raw address, and set *nbytes to its length in bytes. Returns 2504 * NULL if the address family is unknown. 2505 */ 2506 void * 2507 sa_rawaddr(struct sockaddr *sa, int *nbytes) { 2508 void *p; 2509 int len; 2510 2511 switch (sa->sa_family) { 2512 case AF_INET: 2513 len = sizeof(((struct sockaddr_in *)sa)->sin_addr); 2514 p = &((struct sockaddr_in *)sa)->sin_addr; 2515 break; 2516 case AF_INET6: 2517 len = sizeof(((struct sockaddr_in6 *)sa)->sin6_addr); 2518 p = &((struct sockaddr_in6 *)sa)->sin6_addr; 2519 break; 2520 default: 2521 p = NULL; 2522 len = 0; 2523 } 2524 2525 if (nbytes != NULL) 2526 *nbytes = len; 2527 return (p); 2528 } 2529 2530 void 2531 huphandler(int sig) 2532 { 2533 got_sighup = 1; 2534 } 2535 2536 void terminate(sig) 2537 int sig; 2538 { 2539 close(mountdlockfd); 2540 unlink(MOUNTDLOCK); 2541 rpcb_unset(RPCPROG_MNT, RPCMNT_VER1, NULL); 2542 rpcb_unset(RPCPROG_MNT, RPCMNT_VER3, NULL); 2543 exit (0); 2544 } 2545